Web services in different trust boundaries interact with each other via SOAP messages to realize functionality in a collaborative environment. Exchanging SOAP messages for remote service invocation has gained wide acceptance among web service developers. Several web service security standards are widely deployed aiming at securing exchanges of a single SOAP message and a conversation of SOAP messages among partners in a collaborative environment. Concerns have been raised about the possibility of XML rewriting attacks within this context and their early detection. In this paper, we demonstrate such possible attacks with respect to WS* policy based scenarios to set a security context and to use a security context for conversations of SOAP messages. We show how our proposed SOAP Account [21] solution could be applied for early detection of XML rewriting attacks, specifically regarding secure SOAP-based conversations. A simulation-based performance analysis and comparison of our SOAP Account approach vs. a WS* policy based approach complements our observations.
